Entity-level controls and internal control system

Entity-level controls and the internal control system (ICS) are key elements in the proper functioning of corporate governance.
Insurance companies are legally obliged to establish an effective internal control system (ICS) for their entire business (Art. 27 ISA). The ICS covers a company’s internally prescribed processes, methods and measures designed to secure adequate management control, leading to effective business processes, reliable financial reporting and compliance with laws and regulations.

Within the “ICS assessment – self-assessment of the company-wide controls & internal control system” (ICSA) survey, FINMA periodically collects information about the internal control system in place at the insurance company, the insurance group or the insurance conglomerate. The focus is on the underlying processes, methods and measures for ensuring that there is an appropriate level of assurance regarding the risks of the business. Information about the maturity of the ICS is also gathered.

The information obtained helps FINMA to assess the ICS structure and processes (ICS framework) in place at the insurance company, group or conglomerate.

The findings from the ICS assessment are incorporated into the overall assessment of the insurance company group or the conglomerate as well as FINMA’s supervisory process. They can lead to follow-up activities either for individual insurance companies, selected groups of insurance companies or for the overall market.
2018/03 FINMA Circular "Outsourcing – banks and insurers" (21.09.2017)

Outsourcing at banks and insurance companies

Updated: 31.10.2019 Size: 0.38  MB
Add to personal download list
2017/02 FINMA Circular "Corporate governance – insurers" (07.12.2016)

Corporate governance, risk management and internal control system at insurers

Updated: 07.12.2016 Size: 0.28  MB
Add to personal download list